Monitoring and Logging
About monitoring and logging and the related commands.
You can use the show session-table to see the relationships between ALG control packet flows and any secondary packet flows. The session handles are created if the control packet flows match either a stateful firewall rule or a NAT rule for the interface.
An example of a show session-table output for a SIP packet flow follows.
vyatta@vyatta:~$ show session-table TCP state codes: SS - SYN SENT, SR - SYN RECEIVED, ES - ESTABLISHED, FW - FIN WAIT, CW - CLOSE WAIT, LA - LAST ACK, TW - TIME WAIT, CL - CLOSE, LI - LISTEN CONN ID Source Destination Protocol TIMEOUT Intf Parent 19 192.168.11.111:54984 192.168.22.22:5060 udp  ES 58 dp0s12 0 20 192.168.11.111:4242 192.168.22.22:23000 udp  ES 58 dp0s12 19
The session handle represents a control packet flow if the value of the last column of the output is '0' (zero). Otherwise, the number in the last column is the Connection ID of the parent control flow for this secondary flow.
Certain ALGs may have nested relationships between various session handles, which means that a secondary flow may also be a parent to a tertiary packet flow. The nested relationships are captured in the parent column of the session table output. There is no implied order to the output of show session-table output. If multiple packet flows generate session handles, related session handles may be intermixed with other session handles in the command output.
The error messages from the ALG system are recorded in the dataplane log. To display the error log, use show dataplane log: